Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
We were gone for a few weeks, but since many of you have asked for a comeback, here it is. We’ll try to keep it alive!
For the less technical
- Highlights of the French cybersecurity strategy
- Vladimir Drinkman sentenced for a huge data breach
- Russian bots flood Twitter after Parkland shooting
- Report on whistleblowers retaliation
- Chinese turbine company found guilty of stealing trade secrets
- Money stolen from Russian banks using Cobalt Strike and SWIFT system
- Debunking the FUD of the dark web
- SIM hijacking examples
- Equifax breach bigger than initially thought
- Security at scale – the Dropbox approach
- [VIDEO] Numbers station – the spy radio that anyone can hear
- UK and US condemn Russia for Notpetya attacks
- Ukraine power distributor plans cyber defense system for 20 million USD
- New EU privacy law may weaken security
- Zerodium offers 45000 USD for Linux 0-days
- German court rules Facebook use of personal data illegal
- North Korea looking for ways to get hands on cryptocurrencies
For the more technical
- Malware used to attack Olympic Games – analysis
- Another analysis of the Olympic Games malware
- Satori botnet using forever-day vulnerabilities
- Abusing sandbox domain to steal Chrome zerodays
- Three attacks on Web-of-Trust (WOT)
- Using special characters to break iOS and macOS
- Flash 0-day used to attack South Korea
- Google patches multiple Android bugs, and Pixel/Nexus phones
- DoubleDoor – new IoT botnet exploiting two vulnerabilities
- Multi stage Word attacks without using macros
- Coinhoarder – phishing for cryptocurrencies on a scale
- How AI stopped an Emotet outbreak
- Lazarus targeting bitcoin users and banks
- Pentests using Cobalt Stroke -free video course
- Cryptographic attacks on QQ browser (PDF)
- Protecting websites from cryptojacking
- Thousands of domain taken over by a vietnameese hacker
- Google Service Management vulnerability
- Online stalking Citymapper users
- Free G DATA scanner detecting Meltdown/Spectre vulnerabilities
- Reconstructing Notpetya for research purposes
- Skype vulnerability that will be hard to fix
- Trojan dropper using SLK files
- Kaspersky’s 2017 spam and phishing report
- SAP patches several vulnerabilites
- LibreOffice remote arbitrary file disclosure PoC
- Running code on KDE via USB drive name
- Multiple vulnerabilities in Kofax document management system
- Dridex campaing analysis
- Leaked password reuse analysis (PDF)
- Dell EMC remotely exploitable vulnerabilities
- NetBSD RCE
- Recon Brussels 2018 slides
- AndroRAT abusing old Android vulnerability
- Bitmessage Python client 0-day abused to steal cryptocurrencies
- Confucius APT social engineering techniques
- RCE in Tenda AC15 router
- TrickBot steals cryptocurrencies
- Edge on Windows 10 security bypass + technical description
- Drive-by cryptominig campaign on Android
- Oracle WebLogic flaw used to mine cryptocurrencies
- Universal Windows Platform (UWP) protection broken
- ShmooCon 2018 videos
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
One thought on “IT Security Weekend Catch Up – February 17, 2018”